From 0d13e0ed145f4c1b5bd1623ab529d24208304390 Mon Sep 17 00:00:00 2001 From: Roger Dingledine Date: Tue, 22 Sep 2009 22:09:33 -0400 Subject: [PATCH] Be more robust to bad circwindow values If the networkstatus consensus tells us that we should use a negative circuit package window, ignore it. Otherwise we'll believe it and then trigger an assert. Also, change the interface for networkstatus_get_param() so we don't have to lookup the consensus beforehand. --- ChangeLog | 7 ++++++- src/or/circuitlist.c | 9 +++++---- src/or/networkstatus.c | 8 ++++++-- 3 files changed, 17 insertions(+), 7 deletions(-) diff --git a/ChangeLog b/ChangeLog index b679bdefb7..7f9dc205da 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,4 +1,9 @@ -Changes in version 0.2.2.3-alpha - 2009-??-?? +Changes in version 0.2.2.3-alpha - 2009-09-23 + o Minor bugfixes: + - If the networkstatus consensus tells us that we should use a + negative circuit package window, ignore it. Otherwise we'll + believe it and then trigger an assert. + Changes in version 0.2.2.2-alpha - 2009-09-21 o Major features: diff --git a/src/or/circuitlist.c b/src/or/circuitlist.c index 259666732a..560bec55f1 100644 --- a/src/or/circuitlist.c +++ b/src/or/circuitlist.c @@ -367,10 +367,11 @@ circuit_purpose_to_controller_string(uint8_t purpose) int32_t circuit_initial_package_window(void) { - networkstatus_t *consensus = networkstatus_get_latest_consensus(); - if (consensus) - return networkstatus_get_param(consensus, "circwindow", CIRCWINDOW_START); - return CIRCWINDOW_START; + int32_t num = networkstatus_get_param(NULL, "circwindow", CIRCWINDOW_START); + /* If the consensus tells us a negative number, we'd assert. */ + if (num < 0) + num = CIRCWINDOW_START; + return num; } /** Initialize the common elements in a circuit_t, and add it to the global diff --git a/src/or/networkstatus.c b/src/or/networkstatus.c index fd38df4e68..5d1f8b24a3 100644 --- a/src/or/networkstatus.c +++ b/src/or/networkstatus.c @@ -1894,14 +1894,18 @@ networkstatus_dump_bridge_status_to_file(time_t now) } /** Return the value of a integer parameter from the networkstatus ns - * whose name is param_name. Return default_val if ns is NULL, - * or if it has no parameter called param_name. */ + * whose name is param_name. If ns is NULL, try loading the + * latest consensus ourselves. Return default_val if no latest + * consensus, or if it has no parameter called param_name. */ int32_t networkstatus_get_param(networkstatus_t *ns, const char *param_name, int32_t default_val) { size_t name_len; + if (!ns) /* if they pass in null, go find it ourselves */ + ns = networkstatus_get_latest_consensus(); + if (!ns || !ns->net_params) return default_val;